Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/sys/kern vfs_cache - do not write outside allocated memory.



details:   https://anonhg.NetBSD.org/src/rev/e6abbf3486ff
branches:  trunk
changeset: 1017098:e6abbf3486ff
user:      uwe <uwe%NetBSD.org@localhost>
date:      Sat Dec 12 18:35:59 2020 +0000

description:
vfs_cache - do not write outside allocated memory.

In cache_cpu_init allocate struct nchcpu, not struct nchstats_percpu.
cache_update_stats expects the former (that contains two percpu
structs).  Stat updates where smashing whatever was in the next pool
allocation.

Reported by martin@ as crashes in ptyfs on Krups.

diffstat:

 sys/kern/vfs_cache.c |  7 +++----
 1 files changed, 3 insertions(+), 4 deletions(-)

diffs (28 lines):

diff -r 4d9ec7985aad -r e6abbf3486ff sys/kern/vfs_cache.c
--- a/sys/kern/vfs_cache.c      Sat Dec 12 18:19:34 2020 +0000
+++ b/sys/kern/vfs_cache.c      Sat Dec 12 18:35:59 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: vfs_cache.c,v 1.147 2020/06/04 03:08:33 riastradh Exp $        */
+/*     $NetBSD: vfs_cache.c,v 1.148 2020/12/12 18:35:59 uwe Exp $      */
 
 /*-
  * Copyright (c) 2008, 2019, 2020 The NetBSD Foundation, Inc.
@@ -172,7 +172,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: vfs_cache.c,v 1.147 2020/06/04 03:08:33 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: vfs_cache.c,v 1.148 2020/12/12 18:35:59 uwe Exp $");
 
 #define __NAMECACHE_PRIVATE
 #ifdef _KERNEL_OPT
@@ -1106,8 +1106,7 @@
        void *p;
        size_t sz;
 
-       sz = roundup2(sizeof(struct nchstats_percpu), coherency_unit) +
-           coherency_unit;
+       sz = roundup2(sizeof(struct nchcpu), coherency_unit) + coherency_unit;
        p = kmem_zalloc(sz, KM_SLEEP);
        ci->ci_data.cpu_nch = (void *)roundup2((uintptr_t)p, coherency_unit);
 }



Home | Main Index | Thread Index | Old Index